class UserController < ApplicationController

  before_filter :user_authorize

  def index
    @users = User.all
  end


  def new
    @user = User.new
  end


  def edit
    @user = User.find(params[:id])
  end


  def create
    @user = User.new(params[:user])

    if @user.save
      redirect_to(:action => 'index', :id => @user.id)
    else
      render :action => 'new'
    end

  end

  def destroy
    if session[:user_id].to_s != params[:id]
      User.destroy(params[:id])
      redirect_to(:action => 'index')
    else
      flash[:notice] = t('flash.cannot_delete_yourself')
      redirect_to :action => 'index'
    end
  end

  private

  def user_authorize
    if current_user.account_type != 'operator'
      flash[:notice] = t(:only_operator, :scope => 'flash')
      redirect_to :controller => 'welcome'
    end
  end

end
